European Businesses At Risk of DNS-Powered Security Breaches

7 September 2016

The European single market is an attractive place to do business, an open trade zone with common regulation that encompasses 28 countries and nearly 600 million people, combined with liberal EU-wide telecom policies. That also means it’s an attractive place for online criminals who are becoming increasingly sophisticated.

With an EU-wide privacy policy, GDPR (now in place and with less than two years for businesses to become compliant), securing your systems is now a high priority: with GDPR it’s possible for a privacy breach to cost you 4% of global turnover in fines. With DNS now being used to exfiltrate data from networks and as a tool for controlling malware, getting a grip on DNS security is going to be important for any business that needs to become GDPR compliant.

EfficientIP’s first global DNS security survey shows just how ready European companies are for a new generation of DNS-based infrastructure attacks, and more importantly how they compare with each other and with the rest of the world. We’ve already looked at the US results in more detail, now it’s time to look at the EU.

Perhaps the most worrying conclusion is that the EU isn’t fully aware of the risks associated with DNS. With GDPR on the horizon, it’s an oversight that can mean European companies are failing in their duty to have effective security. In part, this is due to a shift in the tools and tactics used by attackers, but also a sign that they’re not keeping up to date in understanding the risks for their networks and their businesses. Now that DNS is an important route for attackers, it’s a concern that both France (18.4% of respondents) and Spain (23.2%) have a significant number of businesses not using DNS security. Where security is being used, it’s not being used effectively, with only 43% of businesses across Europe using analytics to monitor and analyze their DNS networks.

Much of this response can perhaps be assigned to poor understanding of the importance of DNS. In Germany, just over 59% of businesses didn’t consider DNS as critical for business – even though it is the basis for all internet domain names. Similarly, there was a lack of awareness of newer, more sophisticated DNS attacks. Overall, there was a lack of maturity around DNS security – though this did vary from country to country across Europe.

However, the overall European average for DNS DDoS attacks was lower than the rest of the world, with 35.5% of businesses experiencing a DDoS attack, compared to 40.6% and 41.3% in the US and Asia. That may have been due to an increase in more sophisticated DNS attacks, with both France and Germany demonstrating a significant loss of business, at 29.9% of respondents- the largest number globally. In a sign of increasingly sophisticated DNS-based attacks, 16.5% of businesses in France and Germany reported loss of intellectual property as a result of DNS attacks, while France also saw 28.9% of respondents having compromised websites.

Despite issues in securing DNS, European companies are world-class at responding to them. For example, Spain had the highest global response to stemming and blocking DDoS attacks, with 29.7% of respondents using this as a tool for mitigating attacks. The UK can also claim honors, as 41.2% of companies were able to resolve attacks in less than 10 minutes, better than the US, where 31% had the same success rate. Yet, some parts of Europe had issues responding to attacks, with 34% of French companies needing 6 hours to resolve an attack – and 8.2% of Spanish companies taking more than a day, double the number in the UK, US, and Germany, and four times more than in France.

It’s important for European businesses to implement an effective DNS security strategy. Not only are attackers using it as a tool for extracting data, they’re also using it to flood networks with DNS queries, and 20% of all respondents in EMEA experienced attacks between 1-5Gbps. France had the highest number of high volume attacks, with 4.1% of respondents seeing rates of more than 10Gbps.

That all adds up to a risk of losing significant amounts of money. The UK was almost 3 times more likely to lose $5M than Germany (2.9% vs 1%). France had the highest risk of an attack costing between $1M and $5M, with 17.5% of respondents reporting attack costs in this range.

Building a secure, risk-free European digital market is critical to the EU’s economic future. It’s also a future that’s already in danger. A recent Swiss study of European data centers showed that only 8 of 28 EU nations could be considered truly secure for hosting data.

Getting your DNS security right is key to securing a modern data center, and that means implementing a modern DNS service. Large attacks are becoming more and more common, and European businesses are not protected well enough. Legacy DNS servers can only absorb 300,000 queries per second, requiring a network to have between 3-15 DNS servers just to absorb a standard DDoS DNS attack – and that’s before implementing load balancers and other network hardware. With 20% of attacks costing between $1-5 million, that’s a hefty investment in hardware, software, and people.

Newer DNS technologies are more secure, more responsive, and need fewer servers. With the increased privacy regime of GDPR on the way, it’s time to put in place a more efficient and more secure DNS foundation for your network and for your business.